Kyiv’s HUR Cyber Corps attacked Russia’s North Caucasus University, destroying over 150 terabytes of data and weakening the training of technical specialists for Moscow’s military.
It’s not. I work at a research university and while our critical systems are much less than that—mostly datasets and documents—repositories for research and knowledge management information are full of media that’s well over 150TB.
But…
destroying over 150 terabytes of enemy resources, including websites, databases, and file storage.
If it’s more the databases, yeah, that’s some huge damage. An information system holding 100GB of data could be the source of 20 years of pay, employee, org structure, access governance, IDs, the lot; gone. And all dependent systems to it go blind because they use that database to work, rather than storing their own copy of it.
However, we also daily backup those critical systems in multiple ways. This includes for ransomware. It can be destroyed and it doesn’t matter unless the hacker knew about and was able to also hack an entirely different setup geographically located somewhere else with its own security and network independent to what we primarily rely on. A lot of our data is, by law, scheduled and retained on government systems too, but only every few months. So there’s yet another hard hurdle to find out and attempt to breach. Get all three at once, yeah, you got us, but what an impressive and mammoth hack that would be.
This is where similarities stop. IMO many Russians view any sort of law as guidelines on how to not get caught. I wouldn’t be surprised if any money that was supposed to be spent on backups was spent but without anything to show for it.
It’s not. I work at a research university and while our critical systems are much less than that—mostly datasets and documents—repositories for research and knowledge management information are full of media that’s well over 150TB.
But…
If it’s more the databases, yeah, that’s some huge damage. An information system holding 100GB of data could be the source of 20 years of pay, employee, org structure, access governance, IDs, the lot; gone. And all dependent systems to it go blind because they use that database to work, rather than storing their own copy of it.
However, we also daily backup those critical systems in multiple ways. This includes for ransomware. It can be destroyed and it doesn’t matter unless the hacker knew about and was able to also hack an entirely different setup geographically located somewhere else with its own security and network independent to what we primarily rely on. A lot of our data is, by law, scheduled and retained on government systems too, but only every few months. So there’s yet another hard hurdle to find out and attempt to breach. Get all three at once, yeah, you got us, but what an impressive and mammoth hack that would be.
This is where similarities stop. IMO many Russians view any sort of law as guidelines on how to not get caught. I wouldn’t be surprised if any money that was supposed to be spent on backups was spent but without anything to show for it.
Even for a military university, I’m inclined to agree. I would not be at all surprised if that were the truth.
You could buy vodka instead of backup media and it’s not like anything will go wrong